Bug report #17947
Add GeoJSON from a https URL on Windows fails due to a SSL certificate problem
Status: | Open | ||
---|---|---|---|
Priority: | Normal | ||
Assignee: | - | ||
Category: | Data Provider | ||
Affected QGIS version: | 3.4.4 | Regression?: | No |
Operating System: | Windows 7 , windows 10 | Easy fix?: | No |
Pull Request or Patch supplied: | No | Resolution: | |
Crashes QGIS or corrupts data: | No | Copied to github as #: | 25843 |
Description
Trying to add a Geojson in QGIS Desktop from a url from the dialog add vector layer by protocol, gives error.
"Invalid data source https: // ......... .geojson is not a valid or recognized data source".
The same geojson, if I open it in local works, online gives that error.
It doesn't work with http, or with https.
If you copy the content of the geojson in the URI, it shows it to you.
It has not worked for me in the QGIS Desktop 2.18.14 and QGIS Desktop 2.18.16, windows versions.
Related issues
History
#1 Updated by David Piles almost 7 years ago
- Assignee deleted (
Luigi Pirelli)
#2 Updated by Nyall Dawson almost 7 years ago
- Status changed from Open to Feedback
Just a hunch - is this geojson from fulcrum?
Try this:
Inside QGIS, go to Options - System. Under "environment" add a new line, with
VARIABLE: GDAL_HTTP_USERAGENT
VALUE: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
ok out of options, restart qgis.
It'll work ok after that.
Seems like something at fulcrum is blocking the user agent used by gdal.
#3 Updated by Alessandro Pasotti almost 7 years ago
- Subject changed from Ad GeoJSON from a URL to Add GeoJSON from a URL
#4 Updated by David Piles almost 7 years ago
- File qgis.jpg added
- Assignee set to Alessandro Pasotti
Thx
As in the picture?
It doesn't work for me after restarting.
#5 Updated by Alessandro Pasotti almost 7 years ago
- Assignee deleted (
Alessandro Pasotti)
#6 Updated by Richard Duivenvoorde almost 7 years ago
You are not behind a proxy are you?
Can you provide the url you are testing? Or the json you receive when you download it in your browser?
As a test I just scribbled a line in http://geojson.io and save it on my homeserver: http://duif.net/test.json
That just works for me both in 2.18 and in master.
Can you check those (line around europe)
#7 Updated by David Piles almost 7 years ago
I'm not behind a proxi.
My GeoJSON is done through the menu "save as" QGIS, from a shp file.
Maybe there's the problem, the format in which QGIS mades and save geojsons.
Try this url: https://strageo.es/wp-content/uploads/datos/Testing_QGIS1.geojson
If you open directly in QGIS it works, but by the protocol method doesn't work.
#8 Updated by Richard Duivenvoorde almost 7 years ago
- Subject changed from Add GeoJSON from a URL to Add GeoJSON from a https URL on Windows fails due to a SSL certificate problem
Ok, confirmed here on a recent Windows osgeo4w64 build. In the message console it says:
2018-02-06T18:03:24 1 Data source is invalid (SSL certificate problem: unable to get local issuer certificate)
Seems the problem seems to be the httpS connection.
Will change the Subject
In Linux this works just fine.
To test on windows: http://duif.net/Testing_QGIS1.geojson works just fine.
https://duif.net/Testing_QGIS1.geojson does not load and shows error above
Tried to update to latest 2.18, but did not help.
Also tested current master/2.99 in same environment: Same problem!
QGIS version
2.99.0-Master
QGIS code revision
1a117cf080
Compiled against Qt
5.9.2
Running against Qt
5.9.2
Compiled against GDAL/OGR
2.2.3
Running against GDAL/OGR
2.2.3
Compiled against GEOS
3.5.0-CAPI-1.9.0
Running against GEOS
3.5.0-CAPI-1.9.0 r4084
PostgreSQL Client Version
9.2.4
SpatiaLite Version
4.3.0
QWT Version
6.1.3
PROJ.4 Version
493
QScintilla2 Version
2.10.1
This copy of QGIS writes debugging output.
#9 Updated by Richard Duivenvoorde almost 7 years ago
Adding another observation:
Plain ogrinf generates the same error:
C:\osgeo4w64>ogrinfo https://duif.net/Testing_QGIS1.geojson ERROR 1: SSL certificate problem: unable to get local issuer certificate ERROR 1: SSL certificate problem: unable to get local issuer certificate FAILURE: Unable to open datasource `https://duif.net/Testing_QGIS1.geojson' with the following drivers.
#10 Updated by Tom Chadwin almost 7 years ago
Does this help when trying ogrinfo:
--config GDAL_HTTP_UNSAFESSL YES
Source: https://toolkit.data.wa.gov.au/hc/en-gb/articles/115000819754
EDIT: A better source on gdal-dev, with input from Even is here:
https://lists.osgeo.org/pipermail/gdal-dev/2017-June/046714.html
#11 Updated by Luigi Pirelli almost 7 years ago
May you check a workaround in windows? In a win installation that expose the porblem, try to load the geojson in a Explorer (not other browser... only Explorer!)
Then try to load in QGIS as usual and verify if the error is still present.
The rational is that a CAPI enabled Browser, reciving a Unsercognised CA, try to ask to the M$ services to check if the CA is trustable, it M$ say yes, the CA is added in the CA lists.
let us know if this warkaround works... if so, we can follow with possibile solutions.
#12 Updated by Richard Duivenvoorde almost 7 years ago
@Tom Chadwin: yes that helped (for ogrinfo)...
#13 Updated by Richard Duivenvoorde almost 7 years ago
@Luigi tried your test also here (by the way I'm on a recent new/updtodate WIN10 VM here, not a fully registred Windows install).
Loaded the https url succesfully in Explorer... that made my (by accident) already running QGIS 2.18 crash instantanious?! :(
So? apparently something was happening?
But restarting QGIS it still gives the error, and also the master version of QGIS.
Also tried with a clean .qgis2 dir, and by adding the url to Microsoft Edge (as that is their favorite isn't it?).
But all did not help...
Not that the duif.net cert is a Letsencrytp certificate, while the https url from the original issuer (https://strageo.es/wp-content/uploads/datos/Testing_QGIS1.geojson) is a Digicert certificate. Both failing (in my and his environment).
#14 Updated by Geoffrey Baum over 6 years ago
Nyall Dawson wrote:
Just a hunch - is this geojson from fulcrum?
Try this:
Inside QGIS, go to Options - System. Under "environment" add a new line, with
VARIABLE: GDAL_HTTP_USERAGENT
VALUE: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36ok out of options, restart qgis.
It'll work ok after that.
Seems like something at fulcrum is blocking the user agent used by gdal.
A Fulcrum GeoJSON opens for me in QGIS 2.18.7 but not within QGIS 3.0, pretty much any QGIS after 2.18.8 I believe from other discussions I've seen online. Also your advice does not seem to work in any other versions if added to the Environment variables.
#15 Updated by joe larson about 6 years ago
I wanted to checkin here to see if there's any update to this issue or advice on how we might be able to overcome this (disclaimer, I work on the Fulcrum product). This is currently still an issue with Windows 2.x LTR and 3.x, but if you go back to 2.16.3-1 it is functional. In my testing, none of the suggestions mentioned in this thread help in getting these data sources to be recognized.
#16 Updated by Calvin Metcalf almost 6 years ago
I'm seeing this for google URLs too, it was a fresh install of QGIS and trying to load some geojson from a url got the `SSL certificate problem: unable to get local issuer certificate` error
#17 Updated by Giovanni Manghi almost 6 years ago
Calvin Metcalf wrote:
I'm seeing this for google URLs too, it was a fresh install of QGIS and trying to load some geojson from a url got the `SSL certificate problem: unable to get local issuer certificate` error
what qgis version? what os and version?
#18 Updated by Giovanni Manghi almost 6 years ago
- Duplicated by Bug report #20898: Geojson Protocol in QGIS 3.4.3 added
#19 Updated by Jürgen Fischer almost 6 years ago
Please test with QGIS 3.4 - QGIS 2.18 reached it's end of life.
#20 Updated by joe larson almost 6 years ago
- Affected QGIS version changed from 2.18.16 to 3.4.4
I am still experiencing the same behavior in my test with 3.4.4 on Windows 10 and have updated the 'Affected QGIS version' of this ticket. Noted, I am testing in a virtualized environment (Parallels via a Mac host OS). It would be nice if someone else can also test.
#21 Updated by Nyall Dawson almost 6 years ago
Joe - are you connecting to fulcrum? Because they also block the QGIS user agent from direct access (no idea why).
#22 Updated by joe larson almost 6 years ago
Nyall Dawson wrote:
Joe - are you connecting to fulcrum? Because they also block the QGIS user agent from direct access (no idea why).
Hi Nyall, yes - I'm trying from Fulcrum. It's not an issue on Mac with QGIS 3.4. I suspect this is related #19331
In my Win10 VM/QGIS 3.4.4, I can connect to the Fulcrum data by setting GDAL_HTTP_UNSAFESSL = YES ...so we'll provide that workaround for now.
#23 Updated by Chad Howard over 5 years ago
I used the Data Share feature from Fulcrum in every version of QGIS up to 3.4.3. After this version it broke but only in the Windows Version of QGIS. The Linux and Mac versions still operate perfectly with no problems at all. In the windows version when you pick GeoJson as your viable there are TWO in the list and neither work. I have tried to place the work around listed above and still does not work. It is not the end of the world for me since I have 2 Linux boxes, 3 Macs and 2 Windows computers so when I need to import data from fulcrum I just kick over to a Linux or Mac machine.
#24 Updated by Giovanni Manghi over 5 years ago
- Priority changed from High to Normal
- Status changed from Feedback to Open
- Regression? changed from Yes to No